Commit ed9afe9a authored by JC Brand

Only include key and not whole payload from libsignal

parent 18c7ba4a
...@@ -10,10 +10,11 @@ ...@@ -10,10 +10,11 @@
- #421 XEP-0308: Last Message Correction - #421 XEP-0308: Last Message Correction
- #497 XEP-0384: OMEMO encrypted messaging - #497 XEP-0384: OMEMO encrypted messaging
- #968 Use nickname from VCard when joining a room - #968 Use nickname from VCard when joining a room
- #1081 Allow for shift-enter to insert newlines
- #1091 There's now only one CSS file for all view modes. - #1091 There's now only one CSS file for all view modes.
- #1094 Show room members who aren't currently online - #1094 Show room members who aren't currently online
- #1106 Support for Roster Versioning - #1106 Support for Roster Versioning
- #1081 Allow for shift-enter to insert newlines - #1137 Autocompletion and support for [XEP-0372 References](https://xmpp.org/extensions/xep-0372.html), specifically section "3.2 Mentions".
- It's now also possible to edit your VCard via the UI - It's now also possible to edit your VCard via the UI
- Automatically grow/shrink input as text is entered/removed - Automatically grow/shrink input as text is entered/removed
- MP4 and MP3 files when sent as XEP-0066 Out of Band Data, are now playable directly in chat - MP4 and MP3 files when sent as XEP-0066 Out of Band Data, are now playable directly in chat
...@@ -24,7 +25,6 @@ ...@@ -24,7 +25,6 @@
If the device is trusted, localStorage is used and user data is cached indefinitely. If the device is trusted, localStorage is used and user data is cached indefinitely.
- Initial support for [XEP-0357 Push Notifications](https://xmpp.org/extensions/xep-0357.html), specifically registering an "App Server". - Initial support for [XEP-0357 Push Notifications](https://xmpp.org/extensions/xep-0357.html), specifically registering an "App Server".
- Add support for logging in via OAuth (see the [oauth_providers](https://conversejs.org/docs/html/configurations.html#oauth-providers) setting) - Add support for logging in via OAuth (see the [oauth_providers](https://conversejs.org/docs/html/configurations.html#oauth-providers) setting)
- Add support for [XEP-0372 References](https://xmpp.org/extensions/xep-0372.html), specifically section "3.2 Mentions".
### Bugfixes ### Bugfixes
......
...@@ -71811,12 +71811,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_ ...@@ -71811,12 +71811,11 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
decrypt(attrs) { decrypt(attrs) {
const _converse = this.__super__._converse, const _converse = this.__super__._converse,
address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)), address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)),
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address), session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address); // https://xmpp.org/extensions/xep-0384.html#usecases-receiving
libsignal_payload = JSON.parse(atob(attrs.encrypted.key)); // https://xmpp.org/extensions/xep-0384.html#usecases-receiving
if (attrs.encrypted.prekey === 'true') { if (attrs.encrypted.prekey === 'true') {
let plaintext; let plaintext;
return session_cipher.decryptPreKeyWhisperMessage(libsignal_payload.body, 'binary').then(key_and_tag => { return session_cipher.decryptPreKeyWhisperMessage(atob(attrs.encrypted.key), 'binary').then(key_and_tag => {
if (attrs.encrypted.payload) { if (attrs.encrypted.payload) {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag)); const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, { return this.decryptMessage(_.extend(attrs.encrypted, {
...@@ -71844,7 +71843,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_ ...@@ -71844,7 +71843,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
return attrs; return attrs;
}); });
} else { } else {
return session_cipher.decryptWhisperMessage(libsignal_payload.body, 'binary').then(key_and_tag => { return session_cipher.decryptWhisperMessage(atob(attrs.encrypted.key), 'binary').then(key_and_tag => {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag)); const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, { return this.decryptMessage(_.extend(attrs.encrypted, {
'key': aes_data.key, 'key': aes_data.key,
...@@ -71943,7 +71942,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_ ...@@ -71943,7 +71942,7 @@ var __WEBPACK_AMD_DEFINE_FACTORY__, __WEBPACK_AMD_DEFINE_ARRAY__, __WEBPACK_AMD_
prekey = 3 == parseInt(payload.type, 10); prekey = 3 == parseInt(payload.type, 10);
stanza.c('key', { stanza.c('key', {
'rid': device.get('id') 'rid': device.get('id')
}).t(btoa(JSON.stringify(dicts[i].payload))); }).t(btoa(payload.body));
if (prekey) { if (prekey) {
stanza.attrs({ stanza.attrs({
...@@ -188,8 +188,8 @@ ...@@ -188,8 +188,8 @@
`<body>This is an OMEMO encrypted message which your client doesn’t seem to support. Find more information on https://conversations.im/omemo</body>`+ `<body>This is an OMEMO encrypted message which your client doesn’t seem to support. Find more information on https://conversations.im/omemo</body>`+
`<encrypted xmlns='eu.siacs.conversations.axolotl'>`+ `<encrypted xmlns='eu.siacs.conversations.axolotl'>`+
`<header sid='123456789'>`+ `<header sid='123456789'>`+
`<key rid='482886413b977930064a5888b92134fe'>eyJ0eXBlIjoxLCJib2R5IjoiYzFwaDNSNzNYNyIsInJlZ2lzdHJhdGlvbklkIjoiMTMzNyJ9</key>`+ `<key rid='482886413b977930064a5888b92134fe'>YzFwaDNSNzNYNw==</key>`+
`<key rid='555'>eyJ0eXBlIjoxLCJib2R5IjoiYzFwaDNSNzNYNyIsInJlZ2lzdHJhdGlvbklkIjoiMTMzNyJ9</key>`+ `<key rid='555'>YzFwaDNSNzNYNw==</key>`+
`<iv>${sent_stanza.nodeTree.querySelector('iv').textContent}</iv>`+ `<iv>${sent_stanza.nodeTree.querySelector('iv').textContent}</iv>`+
`</header>`+ `</header>`+
`<payload>${sent_stanza.nodeTree.querySelector('payload').textContent}</payload>`+ `<payload>${sent_stanza.nodeTree.querySelector('payload').textContent}</payload>`+
...@@ -203,11 +203,6 @@ ...@@ -203,11 +203,6 @@
// XXX: Normally the key will be encrypted via libsignal. // XXX: Normally the key will be encrypted via libsignal.
// However, we're mocking libsignal in the tests, so we include // However, we're mocking libsignal in the tests, so we include
// it as plaintext in the message. // it as plaintext in the message.
const key = btoa(JSON.stringify({
'type': 1,
'body': obj.key_and_tag,
'registrationId': '1337'
}));
const stanza = $msg({ const stanza = $msg({
'from': contact_jid, 'from': contact_jid,
'to': _converse.connection.jid, 'to': _converse.connection.jid,
...@@ -216,7 +211,7 @@ ...@@ -216,7 +211,7 @@
}).c('body').t('This is a fallback message').up() }).c('body').t('This is a fallback message').up()
.c('encrypted', {'xmlns': Strophe.NS.OMEMO}) .c('encrypted', {'xmlns': Strophe.NS.OMEMO})
.c('header', {'sid': '555'}) .c('header', {'sid': '555'})
.c('key', {'rid': _converse.omemo_store.get('device_id')}).t(key).up() .c('key', {'rid': _converse.omemo_store.get('device_id')}).t(btoa(obj.key_and_tag)).up()
.c('iv').t(obj.iv) .c('iv').t(obj.iv)
.up().up() .up().up()
.c('payload').t(obj.payload); .c('payload').t(obj.payload);
...@@ -249,11 +244,6 @@ ...@@ -249,11 +244,6 @@
// XXX: Normally the key will be encrypted via libsignal. // XXX: Normally the key will be encrypted via libsignal.
// However, we're mocking libsignal in the tests, so we include // However, we're mocking libsignal in the tests, so we include
// it as plaintext in the message. // it as plaintext in the message.
const key = btoa(JSON.stringify({
'type': 1,
'body': obj.key_and_tag,
'registrationId': '1337'
}));
const stanza = $msg({ const stanza = $msg({
'from': contact_jid, 'from': contact_jid,
'to': _converse.connection.jid, 'to': _converse.connection.jid,
...@@ -262,7 +252,10 @@ ...@@ -262,7 +252,10 @@
}).c('body').t('This is a fallback message').up() }).c('body').t('This is a fallback message').up()
.c('encrypted', {'xmlns': Strophe.NS.OMEMO}) .c('encrypted', {'xmlns': Strophe.NS.OMEMO})
.c('header', {'sid': '555'}) .c('header', {'sid': '555'})
.c('key', {'prekey': 'true', 'rid': _converse.omemo_store.get('device_id')}).t(key).up() .c('key', {
'prekey': 'true',
'rid': _converse.omemo_store.get('device_id')
}).t(btoa(obj.key_and_tag)).up()
.c('iv').t(obj.iv) .c('iv').t(obj.iv)
.up().up() .up().up()
.c('payload').t(obj.payload); .c('payload').t(obj.payload);
......
...@@ -241,13 +241,12 @@ ...@@ -241,13 +241,12 @@
decrypt (attrs) { decrypt (attrs) {
const { _converse } = this.__super__, const { _converse } = this.__super__,
address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)), address = new libsignal.SignalProtocolAddress(attrs.from, parseInt(attrs.encrypted.device_id, 10)),
session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address), session_cipher = new window.libsignal.SessionCipher(_converse.omemo_store, address);
libsignal_payload = JSON.parse(atob(attrs.encrypted.key));
// https://xmpp.org/extensions/xep-0384.html#usecases-receiving // https://xmpp.org/extensions/xep-0384.html#usecases-receiving
if (attrs.encrypted.prekey === 'true') { if (attrs.encrypted.prekey === 'true') {
let plaintext; let plaintext;
return session_cipher.decryptPreKeyWhisperMessage(libsignal_payload.body, 'binary') return session_cipher.decryptPreKeyWhisperMessage(atob(attrs.encrypted.key), 'binary')
.then(key_and_tag => { .then(key_and_tag => {
if (attrs.encrypted.payload) { if (attrs.encrypted.payload) {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag)); const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
...@@ -264,17 +263,17 @@ ...@@ -264,17 +263,17 @@
} else { } else {
return _.extend(attrs, {'is_only_key': true}); return _.extend(attrs, {'is_only_key': true});
} }
}).catch((e) => { }).catch(e => {
this.reportDecryptionError(e); this.reportDecryptionError(e);
return attrs; return attrs;
}); });
} else { } else {
return session_cipher.decryptWhisperMessage(libsignal_payload.body, 'binary') return session_cipher.decryptWhisperMessage(atob(attrs.encrypted.key), 'binary')
.then(key_and_tag => { .then(key_and_tag => {
const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag)); const aes_data = this.getKeyAndTag(u.arrayBufferToString(key_and_tag));
return this.decryptMessage(_.extend(attrs.encrypted, {'key': aes_data.key, 'tag': aes_data.tag})); return this.decryptMessage(_.extend(attrs.encrypted, {'key': aes_data.key, 'tag': aes_data.tag}));
}).then(plaintext => _.extend(attrs, {'plaintext': plaintext})) }).then(plaintext => _.extend(attrs, {'plaintext': plaintext}))
.catch((e) => { .catch(e => {
this.reportDecryptionError(e); this.reportDecryptionError(e);
return attrs; return attrs;
}); });
...@@ -324,7 +323,7 @@ ...@@ -324,7 +323,7 @@
KEY_ALGO, KEY_ALGO,
true, // extractable true, // extractable
["encrypt", "decrypt"] // key usages ["encrypt", "decrypt"] // key usages
).then((result) => { ).then(result => {
key = result; key = result;
const algo = { const algo = {
'name': 'AES-GCM', 'name': 'AES-GCM',
...@@ -362,7 +361,7 @@ ...@@ -362,7 +361,7 @@
device = dicts[i].device, device = dicts[i].device,
prekey = 3 == parseInt(payload.type, 10); prekey = 3 == parseInt(payload.type, 10);
stanza.c('key', {'rid': device.get('id') }).t(btoa(JSON.stringify(dicts[i].payload))); stanza.c('key', {'rid': device.get('id') }).t(btoa(payload.body));
if (prekey) { if (prekey) {
stanza.attrs({'prekey': prekey}); stanza.attrs({'prekey': prekey});
} }
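Review bot: Both new calls in `decrypt` evaluate `atob(attrs.encrypted.key)` as an argument, before any promise exists, so a `<key>` value that is not valid base64 throws synchronously and never reaches the `.catch(e => { this.reportDecryptionError(e); ... })` handlers. The key text presumably comes from the received stanza, so it is sender-controlled, and a malformed value should take the same reporting path as a failed libsignal decryption. Moving the decode inside the chain fixes this for each branch, e.g. `return Promise.resolve().then(() => session_cipher.decryptWhisperMessage(atob(attrs.encrypted.key), 'binary'))`, and likewise for `decryptPreKeyWhisperMessage`. Separately, a peer still sending the old JSON-wrapped key will now fail to decrypt; whether any released version used that format is not visible here. `decrypt` spans two hunks and part of its body lies outside them, so how callers handle a synchronous throw cannot be checked from this page.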
......